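/**
 * shishi_encapreppart_get_key:
 * @handle: shishi handle as allocated by shishi_init().
 * @encapreppart: input EncAPRepPart variable.
 * @key: newly allocated key.
 *
 * Extract the subkey from the encrypted AP-REP part.  The key value
 * carried in the message must be exactly as long as the key length of
 * the key type carried next to it; otherwise no key is created.
 *
 * Return value: Returns SHISHI_OK iff successful, or
 * SHISHI_ENCAPREPPART_BAD_KEYTYPE when the key value length does not
 * match the key type.
 **/
int
shishi_encapreppart_get_key (Shishi * handle,
			     Shishi_asn1 encapreppart, Shishi_key ** key)
{
  int res;
  char *buf;
  size_t buflen;
  int32_t keytype;

  res = shishi_asn1_read_int32 (handle, encapreppart,
				"subkey.keytype", &keytype);
  if (res != SHISHI_OK)
    return res;

  res = shishi_asn1_read (handle, encapreppart, "subkey.keyvalue",
			  &buf, &buflen);
  if (res != SHISHI_OK)
    return res;

  /* shishi_key_from_value() is given no length, so the peer-supplied
     value must be checked against the key type before it is handed over. */
  if (shishi_cipher_keylen (keytype) != buflen)
    {
      /* buf was allocated by shishi_asn1_read() and is owned here; the
         reject path used to return without releasing it. */
      free (buf);
      return SHISHI_ENCAPREPPART_BAD_KEYTYPE;
    }

  res = shishi_key_from_value (handle, keytype, buf, key);
  /* NOTE(review): buf holds raw key material; consider wiping it before
     free() if the project has a helper for that. */
  free (buf);

  return res;
}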
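/**
 * shishi_authenticator_authorizationdata:
 * @handle: shishi handle as allocated by shishi_init().
 * @authenticator: authenticator as allocated by shishi_authenticator().
 * @adtype: output authorization data type.
 * @addata: newly allocated output authorization data.
 * @addatalen: on output, actual size of newly allocated authorization data.
 * @nth: element number of authorization-data to extract.
 *
 * Extract n:th authorization data from authenticator.  The first
 * field is 1.  Both the type and the data are read from the same
 * element @nth.
 *
 * Return value: Returns SHISHI_OK iff successful,
 * SHISHI_OUT_OF_RANGE if @nth is 0 or larger than the number of
 * elements, SHISHI_ASN1_ERROR if the element count cannot be read, or
 * SHISHI_MALLOC_ERROR if a field name cannot be allocated.
 **/
int
shishi_authenticator_authorizationdata (Shishi * handle,
					Shishi_asn1 authenticator,
					int32_t * adtype,
					char **addata, size_t * addatalen,
					size_t nth)
{
  char *format;
  int res;
  size_t count;

  res = shishi_asn1_number_of_elements (handle, authenticator,
					"authorization-data", &count);
  if (res != SHISHI_OK)
    return SHISHI_ASN1_ERROR;

  /* Elements are numbered from 1, so 0 is as invalid as count + 1. */
  if (nth == 0 || nth > count)
    return SHISHI_OUT_OF_RANGE;

  /* asprintf() leaves format undefined on failure; do not use or free it. */
  if (asprintf (&format, "authorization-data.?%zu.ad-type", nth) < 0)
    return SHISHI_MALLOC_ERROR;
  res = shishi_asn1_read_int32 (handle, authenticator, format, adtype);
  free (format);
  if (res != SHISHI_OK)
    return res;

  /* The data must come from element nth as well.  Indexing with the
     element count here would pair the type of one entry with the data
     of the last entry. */
  if (asprintf (&format, "authorization-data.?%zu.ad-data", nth) < 0)
    return SHISHI_MALLOC_ERROR;
  res = shishi_asn1_read (handle, authenticator, format, addata, addatalen);
  free (format);

  return res;
}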
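/**
 * shishi_authenticator_get_subkey:
 * @handle: shishi handle as allocated by shishi_init().
 * @authenticator: authenticator as allocated by shishi_authenticator().
 * @subkey: output newly allocated subkey from authenticator.
 *
 * Read subkey value from authenticator.  The key value carried in the
 * authenticator must be exactly as long as the key length of the key
 * type carried next to it; otherwise no key is created.
 *
 * Return value: Returns SHISHI_OK if successful, SHISHI_ASN1_NO_ELEMENT
 * if subkey is not present, or SHISHI_ASN1_ERROR if the key value
 * length does not match the key type.
 **/
int
shishi_authenticator_get_subkey (Shishi * handle,
				 Shishi_asn1 authenticator,
				 Shishi_key ** subkey)
{
  int res;
  int32_t subkeytype;	/* int32_t to match shishi_asn1_read_int32() */
  char *subkeyvalue;
  size_t subkeylen;

  res = shishi_asn1_read_int32 (handle, authenticator,
				"subkey.keytype", &subkeytype);
  if (res != SHISHI_OK)
    return res;

  res = shishi_asn1_read (handle, authenticator, "subkey.keyvalue",
			  &subkeyvalue, &subkeylen);
  if (res != SHISHI_OK)
    return res;

  /* The key setters are given no length, so the amount of data they
     take from subkeyvalue is decided by the key type alone.  Reject a
     value whose length disagrees with the type before it is used.
     NOTE(review): no authenticator-specific "bad keytype" code is
     visible here, so the generic ASN.1 error is returned. */
  if (shishi_cipher_keylen (subkeytype) != subkeylen)
    {
      free (subkeyvalue);
      return SHISHI_ASN1_ERROR;
    }

  /* Build the key as the EncAPRepPart and EncTicketPart getters do and
     release the temporary buffer, which was previously never freed. */
  res = shishi_key_from_value (handle, subkeytype, subkeyvalue, subkey);
  /* NOTE(review): subkeyvalue holds raw key material; consider wiping
     it before free() if the project has a helper for that. */
  free (subkeyvalue);

  return res;
}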
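/**
 * shishi_encticketpart_get_key:
 * @handle: shishi handle as allocated by shishi_init().
 * @encticketpart: input EncTicketPart variable.
 * @key: newly allocated key.
 *
 * Extract the session key in the Ticket.  The key value carried in
 * the ticket must be exactly as long as the key length of the key
 * type carried next to it; otherwise no key is created.
 *
 * Return value: Returns %SHISHI_OK iff successful, or
 * %SHISHI_ASN1_ERROR if the key value length does not match the key
 * type.
 **/
int
shishi_encticketpart_get_key (Shishi * handle,
			      Shishi_asn1 encticketpart, Shishi_key ** key)
{
  int res;
  char *buf;
  size_t buflen;
  int32_t keytype;

  res = shishi_asn1_read_int32 (handle, encticketpart, "key.keytype",
				&keytype);
  if (res != SHISHI_OK)
    return res;

  res = shishi_asn1_read (handle, encticketpart, "key.keyvalue",
			  &buf, &buflen);
  if (res != SHISHI_OK)
    return res;

  /* shishi_key_from_value() is given no length, so the value read from
     the ticket must be checked against the key type first, as
     shishi_encapreppart_get_key() does.
     NOTE(review): no ticket-specific "bad keytype" code is visible
     here, so the generic ASN.1 error is returned. */
  if (shishi_cipher_keylen (keytype) != buflen)
    {
      free (buf);
      return SHISHI_ASN1_ERROR;
    }

  res = shishi_key_from_value (handle, keytype, buf, key);
  /* NOTE(review): buf holds raw key material; consider wiping it before
     free() if the project has a helper for that. */
  free (buf);

  return res;
}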
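/**
 * shishi_kdcreq_etype:
 * @handle: shishi handle as allocated by shishi_init().
 * @kdcreq: KDC-REQ variable to get etype field from.
 * @etype: output encryption type.
 * @netype: element number to return.
 *
 * Return the netype:th encryption type from KDC-REQ.  The first etype
 * is number 1.
 *
 * Return value: Returns SHISHI_OK iff etype successfully set, or
 * SHISHI_MALLOC_ERROR if the field name cannot be allocated.
 **/
int
shishi_kdcreq_etype (Shishi * handle,
		     Shishi_asn1 kdcreq, int32_t * etype, int netype)
{
  char *buf;
  int res;

  /* asprintf() leaves buf undefined on failure; do not use or free it. */
  if (asprintf (&buf, "req-body.etype.?%d", netype) < 0)
    return SHISHI_MALLOC_ERROR;

  res = shishi_asn1_read_int32 (handle, kdcreq, buf, etype);
  /* The field name was previously leaked on every call, which adds up
     when a caller walks the whole etype list of a request. */
  free (buf);

  return res;
}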
/**
 * shishi_authenticator_cksum:
 * @handle: shishi handle as allocated by shishi_init().
 * @authenticator: authenticator as allocated by shishi_authenticator().
 * @cksumtype: output checksum type.
 * @cksum: newly allocated output checksum data from authenticator.
 * @cksumlen: on output, actual size of allocated output checksum data buffer.
 *
 * Read the checksum type and checksum value from the authenticator.
 * The type is read first; the value is read only if that succeeded.
 * @cksum is allocated by this function, and the caller is responsible
 * for deallocating it.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_authenticator_cksum (Shishi * handle,
			    Shishi_asn1 authenticator,
			    int32_t * cksumtype,
			    char **cksum, size_t * cksumlen)
{
  int status = shishi_asn1_read_int32 (handle, authenticator,
				       "cksum.cksumtype", cksumtype);

  /* Only fetch the checksum bytes once the type has been read. */
  if (status == SHISHI_OK)
    status = shishi_asn1_read (handle, authenticator, "cksum.checksum",
			       cksum, cksumlen);

  return status;
}
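/**
 * shishi_kdcreq_get_padata:
 * @handle: shishi handle as allocated by shishi_init().
 * @kdcreq: KDC-REQ to get PA-DATA from.
 * @padatatype: type of PA-DATA, see Shishi_padata_type.
 * @out: output array with newly allocated PA-DATA value.
 * @outlen: size of output array with PA-DATA value.
 *
 * Get pre authentication data (PA-DATA) from KDC-REQ.  Pre
 * authentication data is used to pass various information to KDC,
 * such as in case of a SHISHI_PA_TGS_REQ padatatype the AP-REQ that
 * authenticates the user to get the ticket.
 *
 * Only the first element whose type equals @padatatype is returned.
 * If no element matches, the function still returns SHISHI_OK with
 * @out set to NULL and @outlen set to 0, so callers must check @out
 * before using it.
 *
 * Return value: Returns SHISHI_OK iff successful, or
 * SHISHI_MALLOC_ERROR if a field name cannot be allocated.
 **/
int
shishi_kdcreq_get_padata (Shishi * handle,
			  Shishi_asn1 kdcreq,
			  Shishi_padata_type padatatype,
			  char **out, size_t * outlen)
{
  char *format;
  int res;
  size_t i, n;

  /* Set the outputs before the first early return, so that they are
     well defined on every error path. */
  *out = NULL;
  *outlen = 0;

  res = shishi_asn1_number_of_elements (handle, kdcreq, "padata", &n);
  if (res != SHISHI_OK)
    return res;

  for (i = 1; i <= n; i++)
    {
      int32_t patype;

      /* asprintf() leaves format undefined on failure; do not use or
         free it. */
      if (asprintf (&format, "padata.?%zu.padata-type", i) < 0)
	return SHISHI_MALLOC_ERROR;
      res = shishi_asn1_read_int32 (handle, kdcreq, format, &patype);
      free (format);
      if (res != SHISHI_OK)
	return res;

      if (patype != (int32_t) padatatype)
	continue;

      if (asprintf (&format, "padata.?%zu.padata-value", i) < 0)
	return SHISHI_MALLOC_ERROR;
      res = shishi_asn1_read (handle, kdcreq, format, out, outlen);
      free (format);
      if (res != SHISHI_OK)
	return res;

      /* First match wins; later elements of the same type are ignored. */
      break;
    }

  return SHISHI_OK;
}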
/**
 * shishi_apreq_get_authenticator_etype:
 * @handle: shishi handle as allocated by shishi_init().
 * @apreq: AP-REQ variable to get value from.
 * @etype: output variable that holds the value.
 *
 * Extract AP-REQ.authenticator.etype by reading the
 * "authenticator.etype" field as a 32-bit integer.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_apreq_get_authenticator_etype (Shishi * handle,
				      Shishi_asn1 apreq, int32_t * etype)
{
  int status;

  /* The result of the field read is passed back unchanged. */
  status = shishi_asn1_read_int32 (handle, apreq,
				   "authenticator.etype", etype);
  return status;
}